Paying ransomware ransom is now illegal, according to the Treasury Department

In an official advisory, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) stated that organizations that facilitate ransomware payments to hackers on behalf of ransomware victims, including financial institutions, cyber insurance firms, and companies involved in digital forensics and incident response, are violating OFAC regulations, and may be subject to civil penalties for sanctions violations, even if they are not fully aware of the relationships of all of the parties involved.

(CISOMag)

Cisco ordered to pay $1.9 billion for security patent infringement

A judge in Virginia has ruled that Cisco has infringed on four patents belonging to Centripetal Networks, a company headquartered in that state. Centripetal is the creator of RuleGate, a threat intelligence gateway platform, and had sued Cisco for adopting the technology into its own products. Cisco defended its actions and is set to appeal, but the judge said his decision was “not a close call,” and that in some cases even Cisco’s own technical documents proved Centripetal’s case.

(Info Security)

Covid tracking in Microsoft Excel loses 16,000 test results in England

A one million-row limit on Microsoft’s Excel spreadsheet software may have led Public Health England (PHE) to misplace nearly 16,000 Covid test results. This error means that 50,000 potentially infectious people may have been missed by contact tracers and not told to self-isolate. PHE was responsible for collating the test results from public and private labs, but rapid development of the testing program has meant that much of the work is still done manually, with individual labs sending CSV files which were to be appended to the bottom of a master Excel spreadsheet.

(The Guardian)

Europol issues warning about cybercrime growth

In its latest Internet Organized Crime Threat Assessment report, Europol, the EU’s chief law enforcement agency, states that cyber-criminals continued to adapt and grow in sophistication over the past year, while staying hidden on the dark web. The report states that ransomware remains the most dominant threat today and is becoming more dangerous due to sophisticated, multi-stage raids, while widespread under-reporting of cybercrime, due to the fear of negative publicity leading to reputational fallout, continues to hamper law enforcement.

(Info Security)

GitHub adds code scanning for automatic security-hole searches

GitHub is making the technology free to use for developers working on public repositories. This follows GitHub’s purchase last year of Semmle, a semantic code analysis engine used to seek out vulnerabilities in code belonging to huge organizations like Uber, NASA, and Google. It scans code in real-time and notifies a developer if they’ve missed a known security hole before it is merged with a broader project. GitHub says that beta users of the scanner fixed 72% of security errors before merging in the last 30 days.

(Gizmodo)

Payment card industry data security compliance slumps 28% since 2016

A new report from Verizon reveals that on average only 27.9% of global organizations maintained full compliance with the Payment Card Industry Data Security Standard (PCI DSS). A related Verizon report shows that 86% of data breaches last year were financially motivated and, in the retail vertical, 99% of security incidents focused on the acquisition of payment data by attackers. Verizon suggests that many firms still lack resources and commitment from the top to drive long-term compliance strategies, and that the pandemic has increased the volume of contactless payments, making detection and compliance more difficult.

(Infosecurity Magazine)

UN maritime agency hacked, despite robust protection measures

The United Nations International Maritime Organization (UN IMO) disclosed a security breach over the weekend that the agency categorized as a “sophisticated cyber-attack” against its IT systems. The incident was discovered on Thursday and impacted their public website and other web-based services. Although the affected systems were taken down and then restored by Friday, the agency, which issues international guidance on shipping, passenger ships, maritime security, and maritime environmental protection, said the attack “overcame robust security measures” it had in place to protect its IT systems. The type of attack has not yet been revealed.

(ZDNet)

Detecting deep fakes with a heartbeat

Researchers at SUNY and Intel state that deepfaked videos can be identified because they don’t convincingly mimic human blood circulation in the face. A human face contains subtle shifts in color that result from pulses in blood circulation. Videos can be enhanced to observe these shifts, officially called photoplethysmography, or PPG, which, the researchers say, cannot yet be convincingly recreated in deepfake videos. The application that the researchers have developed, named FakeCatcher, currently boasts a 90% accuracy level.

(Schneier on Security)